package com.microsoft.workaccount.workplacejoin;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.os.Looper;
import android.text.TextUtils;
import android.util.Log;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.internal.util.AccountManagerUtil;
import com.microsoft.workaccount.workplacejoin.core.StringHelper;
import com.microsoft.workaccount.workplacejoin.core.Util;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinApplication;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinFailure;
import com.microsoft.workaccount.workplacejoin.telemetry.TelemetryLogger;
import java.io.IOException;
import java.security.AccessControlException;

/* loaded from: classes2.dex */
public class WorkplaceJoinOperation {
    public static final String TAG = WorkplaceJoinOperation.class.getSimpleName() + "#";

    private Bundle getAddAccountBundle(String str, String str2, AccountInfo accountInfo, String str3, boolean z, boolean z2) {
        Bundle bundle = new Bundle();
        bundle.putString(WorkplaceJoinApplication.DATA_UPN, accountInfo.getDisplayableId());
        bundle.putString(WorkplaceJoinApplication.DATA_TOKEN, str);
        bundle.putString(WorkplaceJoinApplication.DATA_REFRESH_TOKEN, str2);
        bundle.putString(WorkplaceJoinApplication.DATA_DISPLAYABLE_ID, accountInfo.getDisplayableId());
        bundle.putString(WorkplaceJoinApplication.DATA_NO_CERT_INSTALL, Boolean.toString(z));
        bundle.putString(WorkplaceJoinApplication.DATA_DISCOVERY, str3);
        if (z2) {
            bundle.putBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE, true);
        }
        Logger.i(TAG, "Add userinfo to account options");
        String uniqueId = accountInfo.getUniqueId();
        if (!TextUtils.isEmpty(accountInfo.getTenantId())) {
            uniqueId = uniqueId + "." + accountInfo.getTenantId();
        }
        String homeAccountId = accountInfo.getHomeAccountId();
        if (TextUtils.isEmpty(homeAccountId) && !TextUtils.isEmpty(accountInfo.getTenantId())) {
            homeAccountId = uniqueId;
        }
        bundle.putString("account.userinfo.userid", homeAccountId);
        bundle.putString("account.userinfo.userid.list", uniqueId + "$");
        bundle.putString("account.userinfo.given.name", accountInfo.getGivenName());
        bundle.putString("account.userinfo.family.name", accountInfo.getFamilyName());
        bundle.putString("account.userinfo.identity.provider", accountInfo.getIdentityProvider());
        bundle.putString("account.userinfo.tenantid", accountInfo.getTenantId());
        bundle.putString("account.userinfo.userid.displayable", accountInfo.getDisplayableId());
        return bundle;
    }

    private String getWPJUPNThroughAccountManager(Context context) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle bundle = new Bundle();
            bundle.putString(AuthenticationConstants.Broker.BROKER_ACCOUNT_MANAGER_OPERATION_KEY, WorkplaceJoinApplication.DATA_UPN);
            return getBundleThroughAddAccount(context, null, bundle, "getWPJUPNThroughAccountManager").getString(WorkplaceJoinApplication.DATA_UPN);
        } catch (Exception e) {
            Logger.e(TAG + "getWPJUPNThroughAccountManager", "Failed to get WPJ UPN through Account Manager: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }

    private void throwOnMainThread(String str) {
        if (Looper.myLooper() != Looper.getMainLooper()) {
            return;
        }
        throw new IllegalStateException("method: " + str + " may not be called from main thread.");
    }

    private void validateAddAccountPermission(Context context) throws WorkplaceJoinException {
        if (Build.VERSION.SDK_INT >= 23 || context.checkCallingOrSelfPermission("android.permission.MANAGE_ACCOUNTS") == 0) {
            return;
        }
        Logger.e(TAG + "validateAddAccountPermission", "Permission not granted for the calling uid, requires permission MANAGE_ACCOUNTS", WorkplaceJoinFailure.USER);
        throw new WorkplaceJoinException("Permission not granted for the calling uid, requires permission MANAGE_ACCOUNTS", WorkplaceJoinFailure.USER, new AccessControlException("Permission not granted for the calling uid, requires permission MANAGE_ACCOUNTS"));
    }

    private void validateContext(Context context) {
        if (context != null) {
            return;
        }
        Logger.e(TAG + "validateContext", "context null, throwing IllegalArgumentException", WorkplaceJoinFailure.INTERNAL);
        throw new IllegalArgumentException("Context is null");
    }

    private void validateJoinResultBundle(Bundle bundle) throws WorkplaceJoinException {
        if (bundle == null) {
            Logger.e(TAG + "validateJoinResultBundle", "bundle.getResult returned null, calling onJoinedListener.onError with arguments wpjSucceeded: false, retry: true, message: No bundle returned from AccountManager.addAccount", WorkplaceJoinFailure.INTERNAL);
            throw new WorkplaceJoinException("No bundle returned from AccountManager.addAccount", WorkplaceJoinFailure.INTERNAL, null);
        }
        if (bundle.getString("errorMessage", null) == null) {
            if (bundle.getString("authAccount", null) != null) {
                return;
            }
            Logger.i(TAG + "validateJoinResultBundle", "calling onJoinedListener.onError with arguments wpjSucceeded: false, retry: false, message: Unexpected return state from AccountManager: no KEY_ERROR_MESSAGE or KEY_ACCOUNT_NAME present., failureType: " + WorkplaceJoinFailure.INTERNAL.toString());
            throw new WorkplaceJoinException("Unexpected return state from AccountManager: no KEY_ERROR_MESSAGE or KEY_ACCOUNT_NAME present.", WorkplaceJoinFailure.INTERNAL, null);
        }
        String string = bundle.getString("errorMessage");
        Boolean valueOf = Boolean.valueOf(bundle.getBoolean(WorkplaceJoinApplication.DATA_RETRY));
        WorkplaceJoinFailure valueOf2 = WorkplaceJoinFailure.valueOf(bundle.getString(WorkplaceJoinApplication.DATA_FAILURE_TYPE));
        Logger.i(TAG + "validateJoinResultBundle", "calling onJoinedListener.onError with arguments wpjSucceeded: false, retry: " + valueOf + ", failureType: " + valueOf2.toString(), "Message: " + string);
        throw new WorkplaceJoinException(valueOf.booleanValue(), string, valueOf2, null);
    }

    public Account getAccount(Context context) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            String workplaceJoinedUpn = new WorkplaceJoinServiceProxy(context).getWorkplaceJoinedUpn();
            if (!StringHelper.IsNullOrBlank(workplaceJoinedUpn)) {
                Logger.v(TAG + "getAccount", "WPJ upn detected via service proxy, converting to account.", "Account UPN: " + workplaceJoinedUpn);
                return new Account(workplaceJoinedUpn, "com.microsoft.workaccount");
            }
        } catch (IOException e) {
            Logger.v(TAG + "getAccount", "Failed to connect to workplace join bind service handler for upn. Error:" + e.getMessage());
            if (AccountManagerUtil.canUseAccountManagerOperation(context)) {
                Logger.v(TAG + "getAccount", "Try the fallback account manager method.");
                String wPJUPNThroughAccountManager = getWPJUPNThroughAccountManager(context);
                if (!StringHelper.IsNullOrBlank(wPJUPNThroughAccountManager)) {
                    Logger.v(TAG + "getAccount", "WPJ upn obtained through AccountManager. converting to account.", "Account UPN: " + wPJUPNThroughAccountManager);
                    return new Account(wPJUPNThroughAccountManager, "com.microsoft.workaccount");
                }
            }
        }
        Logger.i(TAG + "getAccount", "WPJ account does not exist.");
        return null;
    }

    Bundle getBundleThroughAddAccount(Context context, Activity activity, Bundle bundle, String str) throws AuthenticatorException, OperationCanceledException, IOException, WorkplaceJoinException {
        try {
            throwOnMainThread(str);
            validateContext(context);
            Util.validateAuthenticator(context);
            validateAddAccountPermission(context);
            TelemetryLogger.logSessionStart(context, str);
            return AccountManager.get(context).addAccount("com.microsoft.workaccount", "", null, bundle, activity, null, null).getResult();
        } catch (Exception e) {
            TelemetryLogger.logSessionEnd(context, str, Boolean.TRUE, e);
            throw e;
        }
    }

    Bundle getBundleThroughUpdateCredentials(Account account, Context context, Activity activity, Bundle bundle, String str) throws AuthenticatorException, OperationCanceledException, IOException, WorkplaceJoinException {
        try {
            throwOnMainThread(str);
            validateContext(context);
            Util.validateAuthenticator(context);
            TelemetryLogger.logSessionStart(context, str);
            return AccountManager.get(context).updateCredentials(account, "", bundle, activity, null, null).getResult();
        } catch (Exception e) {
            TelemetryLogger.logSessionEnd(context, str, Boolean.TRUE, e);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getDeviceId(Account account, Context context) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_DEVICE_ID, true);
            Logger.i(TAG + "getDeviceId", "Retrieve deviceId from account manager.");
            return getBundleThroughUpdateCredentials(account, context, null, bundle, "getDeviceId").getString(WorkplaceJoinApplication.DATA_DEVICE_ID);
        } catch (Exception e) {
            Logger.e(TAG + "getDeviceId", "Failed to get deviceId: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean getDeviceState(Account account, Context context) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_DRS_DEVICE_STATE, true);
            Logger.i(TAG + "getDeviceState", "Getting device state");
            return getBundleThroughUpdateCredentials(account, context, null, bundle, "getDeviceState").getBoolean(WorkplaceJoinApplication.DATA_DRS_DEVICE_STATE);
        } catch (Exception e) {
            if (e.getMessage() != null && e.getMessage().contains("status code:404")) {
                TelemetryLogger.logSessionEnd(context, "getDeviceState:404", Boolean.FALSE);
                return false;
            }
            Logger.e(TAG + "getDeviceState", "Failed to launch cert install: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean getIsSharedDevice(Account account, Context context) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE, true);
            Logger.v(TAG + "getIsSharedDevice", "Checking device's shared status.");
            return getBundleThroughUpdateCredentials(account, context, null, bundle, "getIsSharedDevice").getBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE);
        } catch (Exception e) {
            Logger.e(TAG + "getIsSharedDevice", "Failed to query device's shared status: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean installCert(Account account, Activity activity) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_INSTALL_CERT_ACTIVITY, true);
            Logger.i(TAG + "installCert", "Get the intent to launch install cert activity");
            return getBundleThroughUpdateCredentials(account, activity, activity, bundle, "installCert").getBoolean(WorkplaceJoinApplication.DATA_CERT_INSTALLED);
        } catch (Exception e) {
            Logger.e(TAG + "installCert", "Failed to launch cert install: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String join(Activity activity, String str, String str2, AccountInfo accountInfo, String str3, boolean z, boolean z2) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle addAccountBundle = getAddAccountBundle(str, str2, accountInfo, str3, z, z2);
            Logger.i(TAG + "join", "Joining the device.");
            Bundle bundleThroughAddAccount = getBundleThroughAddAccount(activity, activity, addAccountBundle, "join");
            validateJoinResultBundle(bundleThroughAddAccount);
            return bundleThroughAddAccount.getString("authAccount");
        } catch (Exception e) {
            Logger.e(TAG + "join", "Failed to join the device: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void leave(Account account, Context context) throws AuthenticatorException, WorkplaceJoinException, OperationCanceledException, IOException {
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_DELETE, true);
            Logger.v(TAG + "leave", "Authenticator is installed and leave api call is redirected to Authenticator");
            getBundleThroughUpdateCredentials(account, context, null, bundle, "leave");
        } catch (Exception e) {
            Logger.e(TAG + "leave", "Failed to leave WPJ: " + Log.getStackTraceString(e), WorkplaceJoinFailure.INTERNAL);
            throw e;
        }
    }
}
